in mid-August the PTS ordered Bahnhof to start retaining data again, Bahnhof CEO Jon Karlung said. The PTS has made a 180-degree turn in policy by ordering Bahnhof -- and Tele2, which also stopped retaining data for a while -- to resume doing so.

According to a PTS spokesman, it was the government that ordered the PTS to start enforcing the Swedish data retention law again. "They appointed a commissioner to investigate if the Swedish national legislation could still be applied" despite the CJEU's ruling, he said. The commissioner came to the conclusion that the national legislation stands, and from that point on, the PTS has been enforcing the law again, he said.

Bahnhof, the renowned Swedish network operator and internet carrier joins forces with 5th of July Foundation to urge the EU Commission to initiate proceedings against the Kingdom of Sweden for blatantly ignoring the judgment of the Court of Justice of the European Union on April 8, 2014, which declared the Data Retention Directive invalid. Sweden now fails to fulfil its obligations according to The Charter of Fundamental Rights of the European Union, articles 7 and 8, ‘Respect for private and family life’ and ‘Protection of personal data’.

It's rather a long shot, since the European Commission has given no indication it wants to get rid of data retention, and so is unlikely to help Bahnhof in its battle with the Swedish authorities. Still, it's nice change to have an ISP willing to stand up for its users time and again, as Bahnhof has done; long may it continue to do so.

from the how-it-all-works dept

When Sweden first put in place its IPRED law, which required ISPs to hand over identifying info on people accused of file sharing, one of the first ISPs to respond was Banhof, who immediately put in place a new policy to delete all log files. Now that Sweden is pushing forward with a data retention law that would require ISPs to keep log files, Banhof has taken things up a notch by encrypting all traffic on their network via a VPN. That means that even if it keeps logfiles, the information will be effectively useless. Honestly, I'm surprised that more ISPs haven't done something similar and pitched themselves as focused on protecting privacy. It's difficult to see how Swedish politicians can really respond to this. They can't exactly order ISPs not to encrypt traffic. Just think of the mess that would cause. So, as the US starts looking (again) at data retention laws, they might want to consider what's happening in Sweden.